System preparations
When running ApiOmat in a non-testing environment, some settings should be done in the underlying operation system to ensure that all features are working as expected.
Firewall
ApiOmat uses the following ports. Please be aware that, depending on which machines you install the Dashboard and/or YAMBAS parts on, you do not need to open ALL of these ports.
| Port | Transport | Service | Host | Client | 
| 80/443 | TCP 
 | Dasboard | Application Server | Outside World | 
| 8080 | TCP | YAMBAS | Application Server | Outside World | 
| 5701 | TCP | Hazelcast | Application Server | Application Server | 
| 2022 | TCP | FTP/Webhosting Module | Application Server | Outside World | 
| 2300 | TCP | FTP/Webhosting Module | Application Server | Outside World | 
| 123 | UDP | NTP (Windows only) | All | Outside World | 
Example:
sudo ufw allow 22sudo ufw allow 8080sudo ufw allow 5701sudo ufw allow 2022sudo ufw allow 2300sudo ufw enablesudo iptables -I INPUT 1 -i eth0 -p tcp --dport 8080 -j ACCEPTsudo iptables -I INPUT 1 -i eth0 -p tcp --dport 80 -j ACCEPTsudo iptables -I INPUT 1 -i eth0 -p tcp --dport 443 -j ACCEPTsudo iptables -I INPUT 1 -i eth0 -p tcp --dport 5701 -j ACCEPTsudo iptables -I INPUT 1 -i eth0 -p tcp --dport 2022 -j ACCEPTsudo iptables -I INPUT 1 -i eth0 -p tcp --dport 2300 -j ACCEPT
The Apache Webserver delivered with the Dashboard can also be configured to proxy all calls to Apache Tomcat. Thus, port 8080 has only to be opened to the machines running the Dashboard.
License Server reachability
To contact the license server and activate the license, YAMBAS must be able to contact the license server at https://apiomat.org/algas; it may be necesary to set up both IPs for this domain (185.3.40.250/185.3.40.251) in proxy and firewall settings.
Package dependencies
The following packages are required when installing ApiOmat with one of our Linux packages:
Ubuntu
-     debconf 
-     curl 
-     apache2 
-     libapache2-mod-php5 
-     php5-mcrypt 
-     php5-curl 
-     php-pear 
CentOS
-     curl 
-     httpd (or apache2 for suse) 
-     php5 
-     php5-curl 
-     php5-mcrypt 
-     php5-pear 
-     wget 
-     policycoreutils-python 
Red Hat
The following packages, installed on a Red Hat 7 installation solves the dependency issues:
SMTP
ApiOmat sends eMails for forgotten password or other purposes. Therefore, standard SMTP server on localhost, listening on port 25, is needed. Currently, no authentication is used. You can use for example hMailServer for windows or Postfix for linux.
Postfix settings:
-     Kind: "Satellitensystem" 
-     SMTP-Relay-Server: IP of load balancer 
DNS
The following settings are assumed:
-     All hosts know each other by name. The name resolution is preferably done via local settings and not via a public DNS server 
-     The application server can reach the URL which is later used to access ApiOmat from outside 
-     Neither the IP nor the hostname of any of the hosts is changing 
Loadbalancer
When using more than one application server, a load balancer on top of the ApiOmat system is required. The load balancer can use the URL <BASEURL>/yambas/rest to check if the YAMBAS services are running. The following settings have to be done:
-     Install SSL certificate in Load Balancer 
-     Algorithm: Persistence/Sticky (after the first request, all further ones for a specific user are routed to the same application server) 
-     Use the URL of the load balancer as yambasHost setting in ApiOmat 
Character encoding
In order to avoid possible problems with special characters in module-code or model-data be sure that the character encoding in the environment you are about to run your application server in is set to UTF-8. Check your system documentation and the documentation of your application server to find out more.